Weekend Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GIAC GSLC - GIAC Security Leadership Certification (GSLC)

GIAC GSLC Premium Access     Download Demo    
Page: 7 / 12
Total 567 questions

Which of the following honeypots captures limited amounts of information, mainly transactional data and some limited interaction?

A.

Low-interaction

B.

High-interaction

C.

Network

D.

Medium-interaction

Which of the following tools can be used to perform ICMP tunneling?

Each correct answer represents a complete solution. Choose two.

A.

WinTunnel

B.

Ethereal

C.

Itunnel

D.

Ptunnel

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection?

Each correct answer represents a complete solution. Choose two.

A.

Using either WEP or WPA encryption

B.

Hardening the server OS

C.

MAC filtering on the router

D.

Not broadcasting SSID

E.

Strong password policies on workstations.

Which of the following attacks allows an attacker to recover the key in an RC4 encrypted stream from a large number of messages in that stream?

A.

Rainbow attack

B.

SYN flood attack

C.

Zero Day attack

D.

FMS attack

Which of the following protocols uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity for secure browsing on the Internet?

A.

MS-CHAP v2

B.

SSL

C.

WEP

D.

EFS

Which of the following is NOT an input of the Administer Procurements process?

A.

Contract

B.

Requirements traceability matrix

C.

Procurement management plan

D.

Procurement documents

E.

Work performance information

Which of the following options is an approach to restricting system access to authorized users?

A.

MIC

B.

DAC

C.

RBAC

D.

MAC

Which of the following is the rating for gasoline or oil fires?

A.

Class C

B.

Class B

C.

Class D

D.

Class A

Which of the following is a valid space efficiency of RAID 3?

A.

1 - 1/n

B.

1/n

C.

1 - 2/n

D.

1

Which of the following malware spread through the Internet and caused a large DoS attack in

1988?

A.

Morris worm

B.

LoveLetter worm

C.

SQL slammer worm

D.

Klez worm

Which of the following is used for high-level or comprehensive analysis, as well as for root cause analysis?

A.

Assumptions analysis

B.

Delphi method

C.

Brainstorming

D.

Checklist analysis

Ned is the program manager for his organization and he's considering some new materials for his program. He and his team have never worked with these materials before and he wants to ask the vendor for some additional information, a demon, and even some samples. What type of a document should Ned send to the vendor?

A.

IFB

B.

RFP

C.

RFI

D.

RFQ

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?

Each correct answer represents a complete solution. Choose all that apply.

A.

DES

B.

Blowfish

C.

IDEA

D.

RC4

Which of the following attacks can be performed by Brutus for cracking a password?

Each correct answer represents a complete solution. Choose two.

A.

Hybrid attack

B.

Replay attack

C.

Brute force attack

D.

Man-in-the-middle attack

Which of the following is the practice of a domain name registrant using the five-day "grace period" (the Add Grace Period or AGP) at the beginning of the registration of an ICANN-regulated second-level domain to test the marketability of the domain?

A.

NMap

B.

Domain tasting

C.

Proxy server

D.

PsPasswd